Bump sigstore/cosign-installer #221

	name: Secrets Check

	on:
	push:
	branches: [main]

	jobs:
	check:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4
	with:
	fetch-depth: 0
	- name: Detect secrets in incoming commits with Talisman
	# Third-party action, pin to commit SHA!
	# See https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions
	uses: carhartl/talisman-secrets-scan-action@702fc5c52170632a568124896148a80f38521ac4
	- name: Send status to Slack
	# Third-party action, pin to commit SHA!
	# See https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions
	uses: lazy-actions/slatify@c4847b8c84e3e8076fd3c42cc00517a10426ed65
	if: ${{ failure() && env.SLACK_WEBHOOK_URL }}
	env:
	SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
	with:
	type: ${{ job.status }}
	job_name: "Secrets scan :point_right:"
	mention: "here"
	mention_if: "failure"
	commit: true
	url: ${{ secrets.SLACK_WEBHOOK_URL }}
	token: ${{ secrets.GITHUB_TOKEN }}

Provide feedback